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Natural questions are: 

► Frequency response. 

► Stability. 

► Linearity/Time Invariance. 

Answers given by standard DSP theory. 
What about the implementation of the filter? 
We dive into the realm of PL theory! 


Paradigm shift! 
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“Absolute” confidence on something we believe. 
How do we know something is “absolutely” true? 





Many possible answers 

In the Programming Languages field, we want 
computers to check knowledge for us! 
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We will build a particular kind of evidence for a 
property of our filter, then use the computer to 
validate it. 
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Logical Evidence: Proofs 


We want to agree on a convention to produce 
and check evidence. 

A logic is a language and a set of rules geared 
towards the production of symbolic evidence. 

Example Propositions 

“Every even number is not prime.” 

“Every complex polynomial has a root.” 

“Every finite impulse filter is stable.” 


Checking Validity: Inference 


To check when a proposition holds, we need 
rules. 

Example Rules 

“If A and B hold, B holds.” 


“If P holds for 0, and assuming P holds 
for n we can prove that P holds for n+1, 
then P holds for all n.” 


The Theory of Forms 

Truth 

Truth lives in the idealistic, infinite universe, 
r \= (p if r is true, then p is true 


Proof 

Reasoning lives in the concrete, syntactic 
universe. 

r b ip ip can be proved from r 


using a valid application of the rules. 
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Linking the Worlds 

r |= (f if r is true, then <p is true 
r h ip can be proved from r 

Main Properties 

► Soundness: r h p implies r |= p. 

► Completeness: r |= ip implies r h ip. 

► Consistency: \f- A a -A 

We are liberated from the complexity of the ideal, 
infinite world, we can now use mechanical, 
finitary rules to reason about it! 
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Computational Evidence 


Assume we want our computer to check our 
deductions. 

We could write a rule checker. But how do we 
know the rule checker is correct? 

A crucial, fundamental idea: 


Programs are Proofs! 
Types are Propositions! 


Computational Evidence 

Welcome to Coq! 

aptitude install coq 



Computational Evidence 

Welcome to Coq! 

aptitude install coq 



In Coq, proofs are precisely the well-typed 
functional programs. Type-checking validates our 
logical deductions! 


BHK-Interpretation 


Computational interpretation of logic 


Type 

Proof / Program 

P A Q 

Record with proofs for P and Q. 

P^Q 

Program that takes a proof of P, 
then produces a proof of Q. 

V(x:P),Q(x) 

Program with input p a proof of 
P, then produces a proof of Q(p) 

3(x: P),Q(x) 

Pair (w, l/l/) of w a proof for P 
and W a proof for P{w). 

P v Q 

???? 
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Let’s Move Back to Audio 


Use Coq to reason about audio programs, in 
particular, we’ll use a toy version of Faust! 

What’s the plan? 

1. Define the syntax of Faust inside Coq. 

2. Define a representation for (sampled) sound. 

3. Link the two. 

4. ? 

5. Profit! 

[Seriously, we’d love to hear about 4!] 


Back to the Filter 


smooth^ = (1 - c)x n + c • smooth n _-i 
Using Faust: 

smooth(c) = *(l-c) : + ~ *(c) 


r process 



[For c = 0.9] 
































Let’s do it! 


smooth(c) = *(l-c) : + ~ *(c) 



Semantics 


We can “write” Faust programs inside Coq. Now 
we want to run them. 


Semantics 


We can “write” Faust programs inside Coq. Now 
we want to run them. 


Output of Smooth 


T : 

1 

2 

3 

4 

5 

6 

7 

8 

1 : 

1.00 

1.05 

1.10 

1.15 

1.20 

1.25 

1.20 

1.25 

0 : 

0.10 

0.19 

0.28 

0.37 

0.45 

0.53 

0.61 

0.68 













What is Sound? Choices... 


We need to choose how to represent sound in 
Coq? In the formal world, we pay for every detail. 

► Conceptual representations? (R -> R). 

► Infinite representations? (N —> R) 

► Finite representation? (seq R) 

We’ll use the last one. 


Let’s do it! 


T : 

1 

2 

3 

4 

5 

6 

7 

8 

1 : 

1.00 

1.05 

1.10 

1.15 

1.20 

1.25 

1.20 

1.25 

0 : 

0.10 

0.19 

0.28 

0.37 

0.45 

0.53 

0.61 

0.68 














When is Smooth Stable? 


We are in good shape, now, when is smooth 
stable? 

smooth^ = (1 - c)x n + c • smooths 


When is Smooth Stable? 


We are in good shape, now, when is smooth 
stable? 

smooths = (1 - c)x n + c • smooths 
Smooth is stable when c e (0,1). Formally: 

V/ e [a,b], c e (0,1) —> smooth(c) i e [a. b] 


Proving Stability 


We can do the proof directly in Coq, it is not 
difficult but cumbersome in general. 
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We can do the proof directly in Coq, it is not 
difficult but cumbersome in general. 


But we can use better, higher-level reasoning 
principles: Use program logics and target global 
properties over all samples. 


Sampled Logic 

Definition 

A sample-level property ^ holds for a signal s if it 
holds for all samples. V/7.y?(s[n]). 

Boundedness is a sample-level property! 


Sampled Logic 

Definition 

A sample-level property p holds for a signal s if it 
holds for all samples. \/n.ip(s[n]). 

Boundedness is a sample-level property! 

Definition 

Assume a program f, then we write {p} f {^} for 
“for all inputs satisfying the output of f 
satisfies if;. 

Stability for smooth is written: 


{x e [a, b]} smooth {x e [a, b]} 


Sampled Logic 


V/'i,4, (yi(/i) a ^{k)) ==> + 4(0 ) prjm 

{^1,^2}+ W 


M (W {#} 9 W 

M f : 9 W 


Comp 


h ^(*0) 


/ {^} 

M f ~ 9 W 


W 9 M 


Feed 





Stability Proof 


□ □ 

HH {Ubct labc} + {^ab} {Iab } *(c) {labc} 

{lab} *0 — f') {labc} {labc} + ~ *(c) {4b} 

{/e [a,/?]} *(1 - C) : + ~ *(c) {oe[a.b]} 


with: 


lab(x) s x e [a, fc] 

labc(x) = X 6 [a * c, b * c] 

labc(x) BXG [a* (1 - c),b* (1 - c)] 







Stability Proof 



Conclusions 


► Interesting exercise, we learned a lot! 

► The full language is basically done. 

► We need your help! Let us know what would 
be interesting to check! 

► Most complaints about plugins cannot be 
solved by verification. 

► We are investigating a slightly different 
approach. 

► Working on linear systems theory, frequency 
domain properties. 


Thanks! 


Nyquist Theorem 


Provided f s is twice the highest frequency in V 
then: 


00 

m- E 

n =—oo 


sin[7r • f s -(t- n • 7s)] 
t t ■ f s ■ (t - n ■ T s ) 


where 

4 = 1/T S sampling frequency 

\/(f) value of signal at time f 

\/[f] = \/(f • r s ) value of signal at time f • 7^ 



